Today, SAINT released its latest version of Security Suite and SAINTCloud. In this release, we’ve introduced several new features and capabilities focused on scan workflows, analytics and management of larger-scale deployments. Here are a few highlights:
Scan Management Enhancements: A new feature has been added to permit resuming a previously stopped scan from the point where it left off when stopped, as well as viewing partial scan results for unfinished, in progress or interrupted scans.
Web Application Scanning Enhancements: Web applications are a major attack vector for hackers. Assessing these applications and web server hosts are essential to a comprehensive security practice. In this release, we’ve made enhancements to our authenticated web scanning capability to verify web application credentials handling, using the POST data authentication mode. This functionality provides verification at runtime that credentials are successful, before the full scan process begins, as well as providing a descriptive error message when credentials fail.
Dashboard Enhancements: We’ve added a new “Bar Limits” option in Panel options to specify between 10 and 100 series to display in charts. For example, display the top 25 most vulnerable hosts in a bar chart. In previous versions, this value was hard-coded at 10. Also, all panels that display data grids now include columns options for user-defined Asset Tags that have been defined for hosts included in the scan. A new color gradient option has also been added to the top-right dashboard panel menu for visual enhancement, if a panel type contains a pie graph.
New Analyst User Group: We’ve added a new Analyst user group. By default, this user group provides permissions to view content, create content specific to analysis (custom severities; asset tags and exclusions), and create reports. Using this pre-defined group This user was added as a fast and convenient way to segment permissions between users that are executing assessments and users with responsibilities for analyzing and reporting the results.
Scanner Node Management: For customers that have multi-scanner-node environments, you can now manually restart and update your scanning nodes from the GUI, making it easier to keep software versions in-sync. Also, a new “Node Status notification” feature has been added to the global Configuration System Options page. This feature provides the capability to receive email notifications when scanner nodes are disconnected, reconnect or are running outdated versions of the software.
Patch Report Enhancement: As we all know by now, Microsoft has redesigned the way in which they provide information related to patch information. To respond to this
redesign, we have updated the format of the Patch report template to map Knowledge Base (KB) articles as the method of identifying Microsoft patch information if an MS number is not available.